package com.zt.securityTest.controller;

import com.zt.securityTest.common.R;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.*;

/**
 * time:2024.11.14
 * 用于测试用
 */
@RestController
@RequestMapping("/index")
public class IndexController {

    @GetMapping("/select")
    @PreAuthorize("hasAnyAuthority('select')")//权限本身就是使用字符串来进行管理的
    public R getIndex() {
        return R.ok().message("这是一个测试用的controller和方法。。。");
    }

    @GetMapping("/getNews")
    @PreAuthorize("hasAnyAuthority('sys:news:select')")
    public R getNews(){
        return R.ok().message("get newsList");
    }

    @PostMapping("/addNews")
    @PreAuthorize("hasAnyAuthority('sys:news:add')")
    public R addNews(){
        return R.ok().message("add newsList");
    }

    @PostMapping("/updateNews")
    @PreAuthorize("hasAnyAuthority('sys:news:update')")
    public R updateNews(){
        return R.ok().message("update newsList");
    }

    @DeleteMapping ("/deleteNews")
    @PreAuthorize("hasAnyAuthority('sys:news:delete')")
    public R deleteNews(){
        return R.ok().message("delete newsList");
    }
}
